Iran nuclear facilities struck down by midnight ‘thunder’

via zdnet news

Iran’s nuclear program has been hit by a cyber virus that has shut down key computerised functions at two facilities and played music by the rock band AC/DC at loud volumes, according to a report oninternet security website F-Secure.

The website earlier this week said that it was informed of the cyber attack by a scientist working at the Atomic Energy Organisation of Iran (AEOI), who sent F-Secure an email detailing the breach.

F-Secure had confirmed the email came from within AEOI.

The email said: “Our nuclear program has once again been compromised and attacked by a new worm … The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am [a] scientist, not a computer expert.

“There was also some music playing randomly on several of the workstations during the middle of the night, with the volume maxed out. I believe it was playing ‘Thunderstruck’ by AC/DC.”

The two facilities in question are the Natanz facility, which was the target of the Stuxnet attack, and a facility located near Qom, Iran.

Iran’s cyber security experts working on the issue wrote to scientists, stating that they believe the attacker had access to the facilities’ VPN and had used the popular open-source exploitation framework Metasploit to gain access to its systems. Metasploit itself enables computers to be scanned, mostly autonomously, for known vulnerabilities, making it an easy way for attackers to infiltrate systems without necessarily understanding how the exploit works.

Iran’s nuclear program has been a frequent target of cyber attacks, which the country’s leaders have blamed on Israel and the United States.